NixOS and glibc, part 2

In my previous post I patched glibc on my NixOS install only to find that unpatched copies were still loaded in the system; emacs was using one, and lsof was using another (although it occurred to me that perhaps the act of looking for open files was somehow opening this older glibc. Hmm…)

I hoped to figure out the problem then and there but had to go eat something. Such is life.

Now I’m back, although in the meantime I think I’ve updated nixpkgs and rebuilt the system, so I’m sure I’ll get different results. Let’s try my command from last time:

Let’s take htop’s glibc first. It appears to be rooted with my user profile, although htop is not actually installed in my user profile: it’s in the default profile, which I take it is the profile of the root user.

Looking in the patched glibc list, htop appears there. So, this seems to be the issue: the patch only works for system packages. User profiles (including the default profile) will not get patched because… well, I guess that’s just not how it’s implemented. A bit annoying in this case: it displays both a strength and weakness in using NixOS. The strength of Nix is that the profiles are more or less totally isolated and even updating glibc for system packages won’t affect user packages. The downside is that you might not expect this, and it makes it rather difficult to update core dependencies. Apparently the trick of patching the system doesn’t exist for user profiles; I would need to build glibc from scratch to properly patch it. I don’t particularly want to find out how long that would take.

Part of my problem is that I rely too much on user profiles; my entire development environment should probably be in the systemPackages attribute of NixOS. However I also use Nix packages on my OSX laptop, and in that case there is no systemPackages; so I’ll need to figure out how share the same set of packages between the two.

I’m guessing the other glibcs exist for the same reason except in the case of haskell, which does link into the current running system. I’ll need to dive in further to investigate why that is, but I think that’s enough for today.